Lock that mechanically detects tampering

ABSTRACT

Pin tumbler locks are provided that include features for detecting tampering. Tampering may be detected in a number of different ways. As an example, abnormal movement of one or more of the driver pins in a pin tumbler lock can be an indication of tampering. In addition, one or more sensors can be included at the end of a keyway that detect picking or bumping beyond the length of normal key insertion. A mechanical actuator can be used for detection.

BACKGROUND

Computer equipment, information and services often need protection fromunintentional or unauthorized access, change or destruction. Manycomputer systems include software authorization components and securitycomponents. Such components can provide protection against a hacker orother unauthorized individual who is trying to access information on thecomputer devices.

Hacking is typically not the only concern. Data and computer equipmentoften need to be protected from tampering, physical access, or theft,such as where a thief steals a computer or components of a computer tolater access data on the computer or to sell the hardware components.Hardware-based security can provide a solution to this issue, such as byhaving secure server racks, data centers, or individual case locks. Aphysical lock, such as a pin tumbler lock, can be an inexpensivedeterrent to theft. Pin tumbler locks are cheap to manufacture andrequire only a key for access. However, pin tumbler locks can be fairlyeasy to defeat via picking and/or bumping.

BRIEF DESCRIPTION OF THE DRAWINGS

Various embodiments in accordance with the present disclosure will bedescribed with reference to the drawings, in which:

FIG. 1 is a flow chart showing a process for sensing and handlingtampering of a lock in accordance with embodiments.

FIG. 2 is a partial cutaway, perspective view of a prior art pin tumblerlock.

FIG. 3 is a partial cutaway, perspective view of the prior art pintumbler lock of FIG. 2, with a key inserted.

FIG. 4 is a partial cutaway, perspective view of the prior art pintumbler lock of FIGS. 2 and 3, with the key rotated.

FIG. 5 is a partial cutaway, side view of a pin tumbler lockincorporating a mechanical sensing system in accordance withembodiments.

FIG. 6 is a partial cutaway, side view of an alternate embodiment of apin tumbler lock incorporating a mechanical sensing system in accordancewith embodiments.

FIG. 7 is a partial cutaway, side view of a pin tumbler lockincorporating an electrical sensing system in accordance withembodiments.

FIG. 8 is a flow chart showing a process for handling sensed tamperinginformation in accordance with embodiments.

FIG. 9 is a partial cutaway, side view of a pin tumbler lockincorporating a lockout component in accordance with embodiments.

FIG. 10 is a partial cutaway, side view of a pin tumbler lockincorporating a mechanical sensing system at the end of a keyway inaccordance with embodiments.

FIG. 11 is a partial cutaway, side view of a pin tumbler lockincorporating an electrical sensing system at the end of a keyway inaccordance with embodiments.

FIG. 12 is a partial cutaway, perspective view of a pin tumbler lockutilizing a self-winding mechanism in accordance with embodiments.

FIG. 13 illustrates an environment in which various embodiments can beimplemented.

DETAILED DESCRIPTION

In the following description, various embodiments will be described. Forpurposes of explanation, specific configurations and details are setforth in order to provide a thorough understanding of the embodiments.However, it will also be apparent to one skilled in the art that theembodiments may be practiced without the specific details. Furthermore,well-known features may be omitted or simplified in order not to obscurethe embodiment being described.

In accordance with embodiments, physical locks are provided that includefeatures for detecting tampering. The locks may be, for example, pintumbler locks. Tampering may be detected in a number of different ways.As an example, abnormal movement of one or more of the driver pins in apin tumbler lock can be an indication of tampering. In addition, one ormore sensors can be included at the end of a keyway that detect pickingor bumping beyond the length of normal key insertion. As other ways todetect tampering, excessive torque on a plug or vibration of the plug orlock can also be detected.

Sensors for detecting key tampering can be mechanical, such as anactuator, or can be electrical, such as optical sensors, pressuresensors, conductivity sensors, capacitive sensors, magnetic sensors,proximity sensors, rotation sensors, acceleration sensors,electromechanical switches, or movement detectors. If mechanical, alever or other linkage can be connected to the driver pins or a keywaysensor, and an actuation of the lever or other device can cause a “mousetrap” release of a spring to lock out the pin tumbler lock and/or a doorprotected by the lock. Alternatively, the lever or other linkage cantrigger a switch to perform another function, such as setting off analarm or causing a solenoid to fire to lock the pin tumbler lock and/orthe door. As an example, upon sensing tampering of a pin tumbler lock, aplunger pin may be moved to block out rotation of a plug for the pintumbler lock. Alternatively, a lock that is separate from the pintumbler lock, such as a deadbolt lock, can be actuated. In someembodiments, any key in the lock may be retained.

A signal received from an electronic sensor can be used, for example bya management component, in a number of different ways. As an example, ina master lock configuration, an audit of the particular key being usedcan be maintained and/or acted upon. A signal can be sent for doorlockout and/or pin tumbler lockout. Software behind the lock can also behandled. For example, when tampering is detected, the managementcomponent can instruct automated destruction of software that isphysically protected by the lock. As another option, an alarm can besent to security and/or an administrator. In addition, as a result ofreceiving information about a tampering event, software or othermaterial can be destroyed, privileges can be revoked, software can beencrypted, or software protected by the lock can otherwise be madeinaccessible. Examples are described in U.S. application Ser. No.13/765,020, filed Feb. 12, 2013, entitled “Data Security with a SecurityModule”, incorporated herein by reference.

Locks described herein have particular application to protection ofcomputer equipment and computer devices. The computer devices can be,for example, in a datacenter or other facility used to house computersystems and components. A datacenter can include rooms, which in turninclude racks. The racks can include individual components, such asservers and/or network components. Any or all of these can be protectedby the locks of the present system.

For example, the entire datacenter can include such a lock at a frontdoor. Similar locks can be used at a room level. A rack may be any frameor enclosure capable of mounting one or more servers or other computingdevices. In some applications, the rack can be a four-post server rack,a server cabinet, an open-frame two-post rack, a portable rack, a LANrack, combinations of the same, or the like. Datacenter components thatare maintained in a rack can be protected using one of the locksdescribed herein.

Referring now to the drawings, in which like reference numeralsrepresent like parts throughout the several views, FIG. 1 is a flowchartrepresenting a process 100 for handling a tampering event with respectto a lock in accordance with embodiments.

At 102, tampering of a lock is sensed. This sensing can occur via one ormore mechanical or electronic sensors, with some examples describedbelow. At 104, the sensing event is handled or reported. In embodiments,if a mechanical sensor and lockout mechanism is used, handling caninvolve automated mechanical lockout of a door or the lock as a resultof the tampering. If electronic sensing is utilized, then informationcan be provided to a management component, which can be hardware,software, or a combination of the two, and the management component canhandle accordingly, for example by locking out the lock or reporting thetampering incident.

Embodiments herein are directed to tamper detection and/or remediationfor any type of lock, but specific embodiments are directed to pintumbler locks. Although pin tumbler locks are known, details areprovided here for the benefit of the reader. To this end, a prior artpin tumbler lock 200 is shown in FIGS. 2-4.

The pin tumbler lock 200 includes a cylindrical outer casing 202. Theouter casing 202 has a cylindrical hole in which a plug 204 is housed.To open the pin tumbler lock 200, the plug 204 must rotate.

The plug 204 has a straight slot, called a “keyway” 206, extendingthrough its center. During use, the keyway 206 receives a key K (FIG.3), which unlocks the pin tumbler lock 200, and rotation of whichrotates the plug 204 (FIG. 4). The distal end of the plug 204 typicallyincludes a cam or lever (not shown) which actuates a mechanism toretract a locking bolt, for example, in a door (both not shown, butknown). A series of holes or shafts 208 (FIG. 4), typically five or sixin number, are drilled vertically into the plug 204. These shafts 208include key pins 210 of various lengths, which are rounded at a bottomend to permit a key K to slide over the key pins when the key is enteredinto the keyway 206 (FIG. 3).

Above each key pin 210 is a corresponding driver pin 212. The driverpins 212 are biased downward by springs 214. The outer casing 202includes several vertical shafts 216 for receiving the driver pins 212and the springs 214. Simpler locks typically have only one driver pin212 for each key pin 210, but locks requiring multi-key entry, such as agroup of locks having a master key, may have one or more extra driverpins known as “spacer pins.” This arrangement is not shown in FIGS. 2-4,but is known.

The point where the plug 204 and the cylindrical outer casing 202 meetis called a shear point 218. As shown in FIG. 2, when the plug 204 andthe outer casing 202 are assembled, the key pins 210 are pushed downinto the plug by the springs 214 and the driver pins 212. When the key Kis not in the lock 200, the driver pins 212 straddle the shear point218, preventing the plug 204 from rotating.

When a key K is properly cut and is fully inserted into the keyway 206,the key pins 210 rise against the bias of the springs 214. The length ofthe key pins 210 is such that the proper key causes the tops of the keypins to align at the shear point 218, as shown in FIG. 3. This allowsthe plug 204 to rotate (FIG. 4), thus opening the lock 200.

In the case of a lock that permits use of a master key, each outercasing 202 and plug 204 is configured such that each key that is not amaster key causes the key pins 201 to rise to align at the shear point.The master key, on the other hand, causes the spacer pins (not shown) toalign at the shear point 218. The master key may alternatively alignsome of the spacer pins and some of the key pins 210 at the shear point218. In any event, the master key is capable of opening multipledifferent locks 200, whereas some keys are designed to open only asingle lock or an identically-keyed set of locks.

There are two common methods of defeating a pin tumbler lock, such asthe pin tumbler lock 200: picking and bumping. Picking involvesinserting a pick and moving the key pins 210 upward and downward untilthe picker feels that the key pins 210 are aligned with the shear point218. This often involves moving one pin at a time while tension isapplied to keep the pins in position. In the course of picking, eachdriver pin 212 is raised further than its final height to set the pin.This action typically does not occur when a proper key is inserted.Instead, when the proper key is inserted, the driver pins 212 move nohigher than pushed by the highest point on the key.

When a lock is bumped, a key filed to a certain pattern is insertedforcibly, causing all pins to fly up. Thus, bumping also results in thedriver pins 212 moving higher than by a proper key.

In normal operation, with an authentic key K inserted into the keyway206, each driver pin 212 is raised to a particular height determined bythe key contour. In accordance with embodiments, to detect bumping orpicking, one or more sensors are placed in the pin shaft(s) 216, on thedriver pin(s) 212 or otherwise where the sensor(s) can sense driver pin212 movements. If one or more of the driver pins 212 are raised furtherthan expected by an authentic key, the sensor(s) can generate sensorevent information and/or automatically cause handling or reporting ofthe sensed tampering activity.

As examples of handling of a sensor event, an alarm can be triggered ora mechanism can be triggered for inactivating the lock or a door thatthe lock protects. The inactivation mechanism can be, for example, anadditional deadbolt or other lock for the door or other structure forwhich the lock 200 provides security. In addition, in accordance withembodiments, the inactivation mechanism can be an additional lockoutfeature on the pin tumbler lock for preventing rotation of the plug 204relative to the outer casing 202.

For example, as shown in FIG. 5, a lock 500 includes a sensor 530mounted in an outer casing 502. For ease of description herein, thevarious embodiments of pin tumbler locks herein utilize like referencenumerals for like parts throughout the several views to the prior arttumbler lock 200, with the numbers in the hundreds location changed forthe different embodiments. Thus, the lock 500 includes parts that aresimilar to the lock 200, and similar numbers are used for those parts,with “2” used in the hundreds place for the parts of the lock 200, and“5” used in the hundreds place for parts of the lock 500.

The sensor 530 is a mechanical sensor, which actually works as anactuator. By actuator, we mean a device or mechanism that takes actionupon being actuated. Primarily, the actuators herein are devices ormechanisms that, upon sensing (typically by being moved), take action,such as flipping a switch or springing a trap or otherwise takingmechanical action.

In the lock 500, the sensor 530 includes a block 532 that is positionedin the path of one of the driver pins 512. Specifically, the block 532is located at a position that is higher than where the driver pin 512would travel under normal use (i.e., opening by an authentic key) butlow enough to be engaged when the lock 500 is being picked or bumped.Thus, when the driver pin 512 is moved too far upward relative tonormal, it engages the block 532. Similar blocks 532 and sensors 530 canbe provided for additional driver pins 512.

The block 532 connects to a lever arm 534. Movement of the driver pin512 upward to an extent beyond what is normal operation causes the block532 to be engaged, and the lever arm 534 to rotate. A distal end of thelever arm 534 engages a switch 536, which may be, for example, a switch.The switch 536 in turn actuates a solenoid 538, which drives a plungerpin 540 through a shaft 542 and into an opening 544 in the plug 504. Theplunger pin 540 straddles the shear point 518 and thus locks the plug504 from rotation. As an alternative to the solenoid, a linear actuatorcan be used for lockout.

The sensor 530 shown in FIG. 5 thus can automatically disable the lock500 as a result of sensing tampering, in this case by sensing overtravelof one of the driver pins 512. As discussed above, such a system can beset up so that excessive travel or movement of any of the driver pins512 can cause a similar reaction.

Although shown as using a solenoid 538, other structures can be used forlocking movement of the plug 504. For example, a mousetrap type ofsystem can be used in which a spring is positioned behind the plungerpin 540 and the spring is released upon contact by the lever arm 534. Inembodiments, however, the plunger pin 540 engages and locks the plug 504in a position remote from the keyway 506. This feature ensures that apicker or bumper cannot have access to the plunger pin 540 through thekeyway 506.

Other mechanical linkages can be provided to connect a driver pin sensorto locking of the plug 502 or some other handler, such as a deadbolt ina door in which the lock 500 is installed. In general, such linkagestranslate excessive travel of one of the driver pins 512 into a movementthat can lockout or otherwise handle the tampering event. A mechanicallinkage can, for example, cause locking of a deadbolt that is separatefrom the lock 500. The mechanical linkage can also engage a switch toset off an alarm, or can otherwise mechanically react to tampering ofthe lock 500.

In embodiments, a sensor can react to multiple incidents of excessivetravel of a driver pin 512, instead of only a single incident. Thisarrangement can prevent a single occurrence from accidentally lockingout the lock. For example, FIG. 6 shows an embodiment of a lock 600which is similar to the lock 500 in FIG. 5. However, instead of causingdirect actuation of the plunger pin 540, the lock 600 includes anindexing mechanism 650 that is engaged by a lever arm 634. The indexingmechanism 650 includes several teeth 652, 654. When the lever arm rocks,it engages one of the teeth 652, 654 and indexes the indexing mechanisma distance of the tooth. Every third tooth 654 is long, with theintermediate teeth 652 being short. The long teeth 654 can actuate aswitch 536, but the short teeth 652 are too short to engage the switch.

Utilizing the structure in FIG. 6, the plunger 640 is actuated on everythird sensing of excessive travel of the driver pin 612. Thus,accidental sensing can be eliminated and only when excessive tamperingtakes place does the sensor 630 result in lockout of the lock 600.

As an alternative to mechanical sensing and coupling of a sensor todriver pin movement, electrical sensing of excessive driver pin movementcan be used, and the signals generated by the electronic sensors can beacted on according to a plan or routine. As an example, as shown in FIG.7, a sensor 730 includes electronic sensors 732, one each for the driverpin shafts 516. Although a separate electronic sensor 732 is shown foreach of the driver pins 712, only one or any subset of the driver pins712 can be sensed.

The electronic sensors 732 can be optical sensors, pressure sensors,movement sensors, or any other sensor that can provide a signal orinformation in response to movement of a driver pin 512. In embodiments,the information is provided to a management component 750. Themanagement component 750 can be a computer or any micro-controller thatcan perform the lockout, inactivation, messaging or other handlingfeatures described herein. In embodiments, the management component 750can be coupled to a lockout mechanism 752, which can be structured toprovide lockout of the lock 750 or an alternative lockout for a doorthat the lock is designed to secure. The management component 750 canalso be coupled to an audit component 754, which can maintain and/orreport information about the sensed event information received by themanagement component.

The electronic sensor 730 in FIG. 7 can be utilized for a number ofdifferent functions. As an example, as described above, tampering can bedetected, for example by sensing that one or more driver pins 712 arepushed above their normal limits. In addition, for a lock that canreceive multiple key patterns, a particular key that is used can bedetected and can be authorized or not, based on information maintainedby the management component 750. Thus, in some situations, such as alockdown of a datacenter, only a master key or certain authorized keysmay be provided access. Thus, the electronic sensors 712 provideinformation to the management component 750 based upon travel of thedriver pins 712. This information is checked against stored data todetermine which key is being used, and authorization is provided or notbased upon the current authorization associated with the key. In someembodiments, certain keys may be operable to reset the tamper lockout.In some embodiments, a particular sequence of such keys may be requiredto reset the lockout.

The management component 750 can receive data from a number of sensors,correct errors and reconcile data from one source to that of another,maintain and/or retrieve authorization information about keys and/users,generate instructions on handling of locks, alarms or other featuresdescribed herein. The management component 750 can reconcile the datareceived from the disparate sources, and generate instructions forhandling the lock or associated components as needed. In someembodiments, the management component 750 can generate an alert torequest human interaction with the device, for example in accordancewith a playbook. In other embodiments, the management component 750 cangenerate instructions that are received by the lock or other componentsto cause the components to react accordingly, e.g., to change stateand/or operation.

The management component 750 can be a computing device, such as amicroprocessor, configured with various hardware and software modules toimplement the processes described herein. In embodiments, the managementcomponent 750 can be physically located within a lock, physicallyconnected to the lock, or can be remotely located from a lock. In someembodiments, the management component 750 can be remote from the lockand even the building in which the lock in located. A single managementcomponent can also manage a number of locks, and can be connected tothose locks or positioned remotely of those locks. In addition,reporting functions of the management component can be processed,presented, or reported on by the management component, or can be sent toa centralized management component for processing or handling.

FIG. 8 shows a process 800 for controlling operation of a lock, such asthe lock 700, utilizing an electronic sensor, such as the electronicsensor 730. Many of the functions of FIG. 8 are performed by themanagement component 750.

Beginning at 802, the management component 750 receives driver pinsensed event information. For example, the amount each of the driverpins 712 moves in corresponding shafts 716 can be provided to themanagement component 750. At 804, the management component accessesdriver pin information to determine what action to take with respect tothe lock 700 in accordance with the information received at 802. If thedriver pin information indicates that the movement is an authorizedmovement, then 806 branches to 808, where the lock is allowed to beopened or other authorized movement is permitted. If the informationreceived at 804 does not indicate authorization, then 806 branches tostep 810, where the lock 700 is locked out, an alarm sounds, or otheraction is taken. As indicated above, a number of different options areprovided for locking out the lock 700. In addition, as opposed to alockout, an alarm can be sounded or other alert.

In still further embodiments, information can be sent by the managementcomponent 750 to software, with instructions for software or othermaterial to be destroyed, privileges to be revoked, software and/or datato be encrypted, and/or software protected by the lock can otherwise bemade inaccessible.

At 812, after either allowing access or providing lockout or otherwisehandling, the information can be reported or otherwise stored. Forexample, the management component 750 can maintain information about thenumber of uses of a particular key, whether a key is a master key thatis being used, or other information. In addition, the type ofauthorization permitted can be altered based upon whether a key is amaster key or a different type of key.

As described above, a plunger pin, such as the plunger pin 640, can beused to lockout the plug 604 from rotation. As discussed above, onebenefit to the location of the plunger pin 640 is that it cannot beaccessed from the keyway 606. In embodiments, such a plunger pin 640 orother lockout mechanism can be utilized with or without sensingmechanisms. As an example, as shown in FIG. 9, a plunger pin 940 can beutilized with a plug 904. This plunger 940 can be connected, forexample, to a management component 950 which determines when thesolenoid 938 fires. The management component 950 can, for example, lockout the plug 904 as a result of an emergency. As another option, a plug904 can be locked during a period of time to allow completion of amaintenance routine on a computer protected by the plug.

In most of the embodiments herein, the plunger pin 940 is normallyunlocked. Alternatively, the plunger pin 940 can be normally locked inposition, and action may be required to permit release. When an alarmcondition is detected, it can be desirable to prevent opening of thelock 900. The plunger pin 940 can be used to lock out the lock 90 insuch an alarm situation.

In addition, the plunger pin 940 can be utilized to require multi-factorauthentication to open the lock 900. For example, in addition torequiring a proper key to turn the lock 900, the plunger pin 940 can beoperated in accordance with another security authorization, such asbio-informatics or an RFID (radio frequency identification) tagpositioned within the key and read by a RFID reader in or near the lock900.

Thus, to open the lock 900, two requirements must be met. First, theplunger pin 940 must be removed from the opening 944. Second, the properkey must be inserted in the keyway 906. Both of these must occur for theplug 904 to be rotatable. As such, multiple security features areprovided by the plunger pin 940/management module 950 over a standardpin tumbler lock. In alternate embodiments, the plunger pin 940 (or someother lockout mechanism) can be normally locked, and some action, suchas authentication via RFID or some other security clearance, is requiredto unlock the pin or lock mechanism prior to the pin or lock mechanismreleasing to allow key access.

An advantage of the plunger 940 is that it is positioned beyond and isnot accessible from the keyway 906. Thus, a potential intruder trying topick the lock 900 cannot access the plunger 904.

In accordance with embodiments, picking or bumping can also be detectedby providing a sensor that is located at a position in the keyway andthat is beyond a key end for an authentic key. For example, as shown inFIG. 10, a lock 1000 includes a keyway 1006 with a distal end 1060 thatis beyond the key end KE of a key K that is inserted into the keyway.Thus, under normal operation of the lock 1000, the key K does not extendinto the distal end 1060. However, on picking or bumping, a potentialintruder may extend a pick or bumping key beyond the key end KE to thedistal end 1060 of the keyway 1006. To sense such a situation, the lock100 includes a sensor 1030, which can be any of the electrical ormechanical sensors described herein. In the embodiment shown in FIG. 10,the sensor 1030 is a mechanical actuator that, upon being contacted by apick or bumping key or other tool, rotates an indexing mechanism 1050,similar to the indexing mechanism 650. This indexing mechanism 1050actuates a switch 1070 on every third engagement with the indexingmechanism 1050. The switch 1070 handles accordingly, as described above.

As an alternative to the indexing mechanism 1050, the sensor 1030 canprovide an immediate response to engagement by a tool in the distal end1060 of the keyway 1006. In a similar manner, as shown in FIG. 11,instead of a mechanical switch, an electrical sensor 1130 can beprovided that connected to a management component 1150. The function ofthe management component 1150 can be similar to the management component750, described above. As with the management component 750, themanagement component 1150 can be connected to at least one of a lockoutcomponent 1152 and an audit component 1154.

In accordance with additional embodiments, the use of a self-winding orgenerator mechanism can be used with a cylinder lock, such as the pintumbler locks described herein. Energy from the mechanism can be used toself-power the electronic and/or mechanical mechanisms, such as thesensors, described herein.

For example, as shown in FIG. 12, a lock can include a spring 1270connected to the back, distal end of the plug 1204. The spring 1270 isconnected to a block 1272. The spring 1270 can be, for example, a spiraltorsion spring of metal ribbon and can be the power source for the locksfor many of the embodiments described herein. To this end, the spring1270 is used in a manner that is similar to winding springs for watches.For example, power stored in the spiral torsion spring can be utilizedto power the solenoids 538, 638. The spring 1270 may be similar to amodern mainspring, and can be coiled and wound by operation of a userrotating the plug 1204 with the key K.

Operation of mainsprings is known, but some detail is given here for thebenefit of the reader. The mainspring is coiled around an axle calledthe arbor 1280, with the inner end hooked to the arbor. The outer end isattached to a stationary post, such as the block 1272. The spring iswound by turning the arbor, which in this case is connected to the plug1204. The wound spring energy can then be used to power the componentsof the lock 1200. The winding mechanism includes a ratchet attached witha pawl to prevent the spring from unwinding.

Some or all of the process 200, 800 (or any other processes or functionsdescribed herein, or variations and/or combinations thereof) may beperformed under the control of one or more computer systems configuredwith executable instructions and may be implemented as code (e.g.,executable instructions, one or more computer programs or one or moreapplications) executing collectively on one or more processors, byhardware or combinations thereof. The code may be stored on acomputer-readable storage medium, for example, in the form of a computerprogram comprising a plurality of instructions executable by one or moreprocessors. The computer-readable storage medium may be non-transitory.

FIG. 13 illustrates aspects of an example environment 1300 forimplementing aspects in accordance with various embodiments. As will beappreciated, although a Web-based environment is used for purposes ofexplanation, different environments may be used, as appropriate, toimplement various embodiments. The environment includes an electronicclient device 1302, which can include any appropriate device operable tosend and receive requests, messages or information over an appropriatenetwork 1304 and convey information back to a user of the device.Examples of such client devices include personal computers, cell phones,handheld messaging devices, laptop computers, set-top boxes, personaldata assistants, electronic book readers and the like. The network caninclude any appropriate network, including an intranet, the Internet, acellular network, a local area network or any other such network orcombination thereof. Components used for such a system can depend atleast in part upon the type of network and/or environment selected.Protocols and components for communicating via such a network are wellknown and will not be discussed herein in detail. Communication over thenetwork can be enabled by wired or wireless connections and combinationsthereof. In this example, the network includes the Internet, as theenvironment includes a Web server 1306 for receiving requests andserving content in response thereto, although for other networks analternative device serving a similar purpose could be used as would beapparent to one of ordinary skill in the art.

The illustrative environment includes at least one application server1308 and a data store 1310. It should be understood that there can beseveral application servers, layers, or other elements, processes orcomponents, which may be chained or otherwise configured, which caninteract to perform tasks such as obtaining data from an appropriatedata store. As used herein the term “data store” refers to any device orcombination of devices capable of storing, accessing and retrievingdata, which may include any combination and number of data servers,databases, data storage devices and data storage media, in any standard,distributed or clustered environment. The application server can includeany appropriate hardware and software for integrating with the datastore as needed to execute aspects of one or more applications for theclient device, handling a majority of the data access and business logicfor an application. The application server provides access controlservices in cooperation with the data store and is able to generatecontent such as text, graphics, audio and/or video to be transferred tothe user, which may be served to the user by the Web server in the formof HyperText Markup Language (“HTML”), Extensible Markup Language(“XML”) or another appropriate structured language in this example. Thehandling of all requests and responses, as well as the delivery ofcontent between the client device 1302 and the application server 1308,can be handled by the Web server. It should be understood that the Weband application servers are not required and are merely examplecomponents, as structured code discussed herein can be executed on anyappropriate device or host machine as discussed elsewhere herein.

The data store 1310 can include several separate data tables, databasesor other data storage mechanisms and media for storing data relating toa particular aspect. For example, the data store illustrated includesmechanisms for storing production data 1312 and user information 1316,which can be used to serve content for the production side. The datastore also is shown to include a mechanism for storing log data 1314,which can be used for reporting, analysis or other such purposes. Itshould be understood that there can be many other aspects that may needto be stored in the data store, such as for page image information andto access right information, which can be stored in any of the abovelisted mechanisms as appropriate or in additional mechanisms in the datastore 1310. The data store 1310 is operable, through logic associatedtherewith, to receive instructions from the application server 1308 andobtain, update or otherwise process data in response thereto. In oneexample, a user might submit a search request for a certain type ofitem. In this case, the data store might access the user information toverify the identity of the user and can access the catalog detailinformation to obtain information about items of that type. Theinformation then can be returned to the user, such as in a resultslisting on a Web page that the user is able to view via a browser on theuser device 1302. Information for a particular item of interest can beviewed in a dedicated page or window of the browser.

Each server typically will include an operating system that providesexecutable program instructions for the general administration andoperation of that server and typically will include a computer-readablestorage medium (e.g., a hard disk, random access memory, read onlymemory, etc.) storing instructions that, when executed by a processor ofthe server, allow the server to perform its intended functions. Suitableimplementations for the operating system and general functionality ofthe servers are known or commercially available and are readilyimplemented by persons having ordinary skill in the art, particularly inlight of the disclosure herein.

The environment in one embodiment is a distributed computing environmentutilizing several computer systems and components that areinterconnected via communication links, using one or more computernetworks or direct connections. However, it will be appreciated by thoseof ordinary skill in the art that such a system could operate equallywell in a system having fewer or a greater number of components than areillustrated in FIG. 13. Thus, the depiction of the system 1300 in FIG.13 should be taken as being illustrative in nature and not limiting tothe scope of the disclosure.

Some various embodiments further can be implemented in a wide variety ofoperating environments, which in some cases can include one or more usercomputers, computing devices or processing devices which can be used tooperate any of a number of applications. User or client devices caninclude any of a number of general purpose personal computers, such asdesktop or laptop computers running a standard operating system, as wellas cellular, wireless and handheld devices running mobile software andcapable of supporting a number of networking and messaging protocols.Such a system also can include a number of workstations running any of avariety of commercially-available operating systems and other knownapplications for purposes such as development and database management.These devices also can include other electronic devices, such as dummyterminals, thin-clients, gaming systems and other devices capable ofcommunicating via a network.

Some embodiments utilize at least one network that would be familiar tothose skilled in the art for supporting communications using any of avariety of commercially-available protocols, such as TransmissionControl Protocol/Internet Protocol (“TCP/IP”), File Transfer Protocol(“FTP”), Universal Plug and Play (“UpnP”), Network File System (“NFS”),and Common Internet File System (“CIFS”). The network can be, forexample, a local area network, a wide-area network, a virtual privatenetwork, the Internet, an intranet, an extranet, a public switchedtelephone network, an infrared network, a wireless network and anycombination thereof.

In embodiments utilizing a Web server, the Web server can run any of avariety of server or mid-tier applications, including Hypertext TransferProtocol (“HTTP”) servers, FTP servers, Common Gateway Interface (“CGI”)servers, data servers, Java servers and business application servers.The server(s) also may be capable of executing programs or scripts inresponse requests from user devices, such as by executing one or moreWeb applications that may be implemented as one or more scripts orprograms written in any programming language, such as Java®, C, C# orC++, or any scripting language, such as Perl, Python or TCL, as well ascombinations thereof. The server(s) may also include database servers,including without limitation those commercially available from Oracle®,Microsoft®, Sybase® and IBM®.

The environment can include a variety of data stores and other memoryand storage media as discussed above. These can reside in a variety oflocations, such as on a storage medium local to (and/or resident in) oneor more of the computers or remote from any or all of the computersacross the network. In a particular set of embodiments, the informationmay reside in a storage-area network (“SAN”) familiar to those skilledin the art. Similarly, any necessary files for performing the functionsattributed to the computers, servers or other network devices may bestored locally and/or remotely, as appropriate. Where a system includescomputerized devices, each such device can include hardware elementsthat may be electrically coupled via a bus, the elements including, forexample, at least one central processing unit (“CPU”), at least oneinput device (e.g., a mouse, keyboard, controller, touch screen orkeypad) and at least one output device (e.g., a display device, printeror speaker). Such a system may also include one or more storage devices,such as disk drives, optical storage devices and solid-state storagedevices such as random access memory (“RAM”) or read-only memory(“ROM”), as well as removable media devices, memory cards, flash cards,etc.

Such devices also can include a computer-readable storage media reader,a communications device (e.g., a modem, a network card (wireless orwired), an infrared communication device, etc.) and working memory asdescribed above. The computer-readable storage media reader can beconnected with, or configured to receive, a computer-readable storagemedium, representing remote, local, fixed and/or removable storagedevices as well as storage media for temporarily and/or more permanentlycontaining, storing, transmitting and retrieving computer-readableinformation. The system and various devices also typically will includea number of software applications, modules, services or other elementslocated within at least one working memory device, including anoperating system and application programs, such as a client applicationor Web browser. It should be appreciated that alternate embodiments mayhave numerous variations from that described above. For example,customized hardware might also be used and/or particular elements mightbe implemented in hardware, software (including portable software, suchas applets) or both. Further, connection to other computing devices suchas network input/output devices may be employed.

Storage media and computer readable media for containing code, orportions of code, can include any appropriate media known or used in theart, including storage media and communication media, such as but notlimited to volatile and non-volatile, removable and non-removable mediaimplemented in any method or technology for storage and/or transmissionof information such as computer readable instructions, data structures,program modules or other data, including RAM, ROM, Electrically ErasableProgrammable Read-Only Memory (“EEPROM”), flash memory or other memorytechnology, Compact Disc Read-Only Memory (“CD-ROM”), digital versatiledisk (DVD) or other optical storage, magnetic cassettes, magnetic tape,magnetic disk storage or other magnetic storage devices or any othermedium which can be used to store the desired information and which canbe accessed by the a system device. Based on the disclosure andteachings provided herein, a person of ordinary skill in the art willappreciate other ways and/or methods to implement the variousembodiments.

The specification and drawings are, accordingly, to be regarded in anillustrative rather than a restrictive sense. It will, however, beevident that various modifications and changes may be made thereuntowithout departing from the broader spirit and scope of the invention asset forth in the claims.

Other variations are within the spirit of the present disclosure. Thus,while the disclosed techniques are susceptible to various modificationsand alternative constructions, certain illustrated embodiments thereofare shown in the drawings and have been described above in detail. Itshould be understood, however, that there is no intention to limit theinvention to the specific form or forms disclosed, but on the contrary,the intention is to cover all modifications, alternative constructionsand equivalents falling within the spirit and scope of the invention, asdefined in the appended claims.

The use of the terms “a” and “an” and “the” and similar referents in thecontext of describing the disclosed embodiments (especially in thecontext of the following claims) are to be construed to cover both thesingular and the plural, unless otherwise indicated herein or clearlycontradicted by context. The terms “comprising,” “having,” “including,”and “containing” are to be construed as open-ended terms (i.e., meaning“including, but not limited to,”) unless otherwise noted. The term“connected” is to be construed as partly or wholly contained within,attached to, or joined together, even if there is something intervening.Recitation of ranges of values herein are merely intended to serve as ashorthand method of referring individually to each separate valuefalling within the range, unless otherwise indicated herein and eachseparate value is incorporated into the specification as if it wereindividually recited herein. All methods described herein can beperformed in any suitable order unless otherwise indicated herein orotherwise clearly contradicted by context. The use of any and allexamples, or exemplary language (e.g., “such as”) provided herein, isintended merely to better illuminate embodiments of the invention anddoes not pose a limitation on the scope of the invention unlessotherwise claimed. No language in the specification should be construedas indicating any non-claimed element as essential to the practice ofthe invention.

Preferred embodiments of this disclosure are described herein, includingthe best mode known to the inventors for carrying out the invention.Variations of those preferred embodiments may become apparent to thoseof ordinary skill in the art upon reading the foregoing description. Theinventors expect skilled artisans to employ such variations asappropriate and the inventors intend for the invention to be practicedotherwise than as specifically described herein. Accordingly, thisinvention includes all modifications and equivalents of the subjectmatter recited in the claims appended hereto as permitted by applicablelaw. Moreover, any combination of the above-described elements in allpossible variations thereof is encompassed by the invention unlessotherwise indicated herein or otherwise clearly contradicted by context.

All references, including publications, patent applications and patents,cited herein are hereby incorporated by reference to the same extent asif each reference were individually and specifically indicated to beincorporated by reference and were set forth in its entirety herein.

What is claimed is:
 1. A pin tumbler lock, comprising: a body; a plugrotatingly mounted in the body and comprising a keyway for receiving akey; a pin shaft extending from the body into the plug; at least onetumbler pin in the shaft; an actuator configured to actuate in responseto movement of said at least one tumbler pin in the shaft beyond apredetermined position in the shaft; a lockout mechanism comprising aplunger pin for locking rotation of the plug; and a mechanical linkageconnected between the lockout mechanism and the actuator and configuredto transmit mechanical force from the actuator to the lockout mechanismso as to lock rotation of the plug.
 2. The pin tumbler lock of claim 1,wherein the lockout mechanism is configured to lock rotation of the plugin response to the actuator actuating.
 3. The pin tumbler lock of claim1, wherein the actuator includes a lever configured to rotate whenengaged by said at least one tumbler pin and to flip a switch to causelockout of the plug relative to the body in response to said rotation.4. The pin tumbler lock of claim 1, wherein the actuator comprises asolenoid configured to fire and move the plunger pin into position tostraddle the body and the plug, preventing rotation of the plug.
 5. Thepin tumbler lock of claim 1, further comprising an indexing mechanism,wherein actuation of the actuator causes the indexing mechanism toindex, and the indexing mechanism reacts differently at intervals ofbeing indexed.
 6. The pin tumbler lock of claim 1, wherein the lockoutmechanism is configured to lock a door that the pin tumbler locksecures.
 7. The pin tumbler lock of claim 1, wherein the actuator isconfigured to set off an alarm in response to being actuated.
 8. The pintumbler lock of claim 1, wherein the actuator is actuated by directengagement with said at least one tumbler pin when said at least onetumbler pin moves to the predetermined position.
 9. The pin tumbler lockof claim 1, wherein the lockout mechanism comprises a spring forpreventing lockout by the plunger pin, and the mechanical linkage isconnected with the actuator and configured for releasing the spring. 10.The pin tumbler lock of claim 1, wherein the predetermined positioncorresponds to a displacement associated with an authorized key.
 11. Apin tumbler lock, comprising: a body; a plug rotatingly mounted in thebody and defining a keyway for receiving a key; means for sensingtampering of the pin tumbler lock via the keyway; a lockout mechanismfor locking rotation of the plug; and a mechanical linkage connectedwith the lockout mechanism and with the means for sensing tampering, themechanical linkage configured to trigger the lockout mechanism when themeans for sensing tampering senses an excessive movement of a pin in thekeyway while the plug is stationary in the body, the excessive movementbeing greater than a movement expected with an authentic key, andconfigured to transmit mechanical force from the means for sensingtampering to the lockout mechanism.
 12. The pin tumbler lock of claim11, wherein said means for sensing comprises a mechanical actuator. 13.The pin tumbler lock of claim 11, wherein said means for sensingcomprises an electrical sensor.
 14. The pin tumbler lock of claim 13,wherein the electrical sensor comprises at least one of an opticalsensor, a movement sensor, or a pressure sensor.
 15. The pin tumblerlock of claim 11, wherein the lockout mechanism is connected to themeans for sensing, and configured to lock rotation of the plug inresponse to said means for sensing tampering.
 16. The pin tumbler lockof claim 11, wherein said means for sensing consists of a mechanicalactuator.
 17. A pin tumbler lock, comprising: a body; a plug rotatinglymounted in the body and defining a keyway for receiving a key; a lockoutmechanism, inaccessible from the keyway, and configured to selectivelylock rotation of the plug relative to the body; a sensor for sensingtampering of the pin tumbler lock via the keyway by sensing excessivetravel of one or more pins in the keyway, the excessive travel beinggreater than a travel expected with an authentic key; and a mechanicallinkage connected with the lockout mechanism and the sensor andconfigured to transmit mechanical force from the sensor to the lockoutmechanism.
 18. The pin tumbler lock of claim 17, wherein the lockoutmechanism comprises a plunger pin movable into position to straddle thebody and the plug, preventing rotation of the plug.
 19. The pin tumblerlock of claim 18, further comprising a solenoid, and wherein the plungerpin is movable by the solenoid.
 20. The pin tumbler lock of claim 18,wherein the lockout mechanism is linked to the sensor so that whentampering is sensed by the sensor, the lockout mechanism moves theplunger pin to prevent rotation of the plug.
 21. The pin tumbler lock ofclaim 17, wherein the lockout mechanism is linked to the sensor so thatwhen tampering is sensed by the sensor, the lockout mechanism locksrotation of the plug.
 22. The pin tumbler lock of claim 17, furthercomprising an authentication mechanism for determining authorization ofa key, and wherein the lockout mechanism is linked to the authenticationmechanism so that when authorization is confirmed by the authenticationmechanism, the lockout mechanism permits rotation of the plug, and whenauthorization is not confirmed by the authentication mechanism, thelockout mechanism prevents rotation of the plug.
 23. The pin tumblerlock of claim 22, wherein the authentication mechanism comprises a RFIDreader for detecting an authorized RFID tag in a key.
 24. The pintumbler lock of claim 22, wherein the lockout mechanism is normallylocked, and wherein the authentication mechanism unlocks the lockoutmechanism so that a key may be used to rotate the plug to unlock the pintumbler lock.
 25. The pin tumbler lock of claim 17, wherein the lockoutmechanism is normally locked, and wherein the lockout mechanism must beunlocked so that a key may be used to rotate the plug to unlock the pintumbler lock.